Readit News logoReadit News
TheRealPomax commented on Google: 'Your $1000 phone needs our permission to install apps now' [video]   youtube.com/watch?v=QBEKl... · Posted by u/robtherobber
fidotron · 3 days ago
I think it's time for us to go back to having mobile phones (texting, virtual credit cards, tethered wifi hotspots etc). separate from mobile storage and compute (mp3 players, cameras etc.).

The modern mobile ecosystem is selling games consoles when the nerds want mobile Unix workstations.

TheRealPomax · 3 days ago
Or, and hear me out this is going to sound crazy: we finally stop pretending that we're using phones. When was the last time anyone actually used their "mobile phone" for actual real phone calls to a phone number that wasn't "phone support because the company involved is so ancient or dark patterned that they only offer phone support"? Or voluntarily initiated sending a text message, rather than using email or messenger software?

So how about we just stop making "mobile phones" and just sell what they are: pocket computers. And that name immediately tells legislators what's appropriate hardware control, namely: none. If you buy a pocket computer, you can now do with that computer whatever you want, and the company that makes the hardware has no say over that, and the company that makes the OS has no legal basis for locking you out of anything. And if those are the same company, then the EU can finally go "how about no, you get to break up or you will never sell anything in our market again".

TheRealPomax commented on Google debuts device-bound session credentials against session hijacking   feistyduck.com/newsletter... · Posted by u/speckx
stephendause · 6 days ago
I could be wrong, but I believe the author is referring to cookies being used for session authentication as opposed to general session management.
TheRealPomax · 6 days ago
That's still exactly what they they were invented, though. The very first example in RFC2109 is literally for tying a session to a login.

The "abstract idea" of a cookie is an identifier that it lets a server consider requests within a larger series of requests by the same person, but the fact that it can do that at all also meant that it solved the whole "how do we know whether this user is logged in without every page request after login needing to be a POST that includes the user's name and password again".

TheRealPomax commented on Show HN: Base, an SQLite database editor for macOS   menial.co.uk/base/... · Posted by u/__bb
hoistbypetard · 9 days ago
Because it a GUI that uses Mac-specific UI libraries that aren't available on Linux and Windows?

While the database stuff works on Linux and Windows, building UIs for the 3 platforms is very different, unless you use some cross platform wrapper layer. Which isn't the purpose of this one. You might want sqlitebrowser[1] if you're looking for something like that.

[1]:https://sqlitebrowser.org

TheRealPomax · 8 days ago
Yeah, already using that on the daily, it's just annoying to see folks go "I made something (better) and it's Mac only purely because of my UI library choice".
TheRealPomax commented on Show HN: Base, an SQLite database editor for macOS   menial.co.uk/base/... · Posted by u/__bb
TheRealPomax · 9 days ago
Why is it MacOS only though? Surely this can cross-compile for Linux and Windows perfectly fine?
TheRealPomax commented on RFC 9839 and Bad Unicode   tbray.org/ongoing/When/20... · Posted by u/Bogdanp
integralid · 11 days ago
I'm not certain... On one hand I agree that some characters are problematic (or invalid) - like unpaired surrogates. But the worst case scenario is imo when people designing data structures and protocols start to feel the need to disallow arbitrary classes of characters, even properly escaped.

In the example, username validation is a job of another layer. For example I want to make sure username is shorter than 60 characters, has no emojis or zalgo text, and yes, no null bytes, and return a proper error from the API. I don't want my JSON parsing to fail on completely different layer pre-validation.

And for username some classes are obviously bad - like explained. But what if I send text files that actually use those weird tabs. I expect things that work in my language utf8 "string" type to be encodable. Even more importantly, I see plenty of use cases for null byte, and it is in fact often seen in JSON in the wild.

On the other hand, if we have to use a restricted set of "normal" Unicode characters, having a standard feels useful - better than everyone creating their own mini standard. So I think I like the idea, just don't buy the argumentation or examples in the blog post.

TheRealPomax · 11 days ago
I think you missed the part where the RFC is about which Unicode is bad for protocols and data formats, and so which Unicode you should avoid when designing those from now on, with an RFC to consult to know which ones those are. It has nothing to do with "what if I have a file with X" or "what if I want Y in usernames", it's about "what should I do if I want a normal, well behaved, unicode-text-based protocol or data format".

It's not about JSON, or the web, those are just example vehicles for the discussion. The RFC is completely agnostic about what thing the protocols or data formats are intended for, as long as they're text based, and specifically unicode text based.

So it sounds like you like misread the blog post, and what you should be doing is now read the RFC. It's short. You can cruise through https://www.rfc-editor.org/rfc/rfc9839.html in a few minutes and see it's not actually about what you're focussing on.

TheRealPomax commented on Australian court finds Apple, Google guilty of being anticompetitive   ghacks.net/2025/08/12/aus... · Posted by u/warrenm
seydor · 22 days ago
I can't help thinking that a lot of anticompetitive cases will be won outside the US now that the US is in all-out trade war with the rest of the universe.
TheRealPomax · 22 days ago
looks at all the cases that never happened even well before Trump got elected

You should probably be thinking that the only places they can be won is outside the US.

TheRealPomax commented on Offline.kids – Screen-free activities for kids   offline.kids/... · Posted by u/ascorbic
topheroo · a month ago
I wonder how much of the site was AI-generated. The images definitely are (kids with different numbers of fingers from each other in the same picture lol).
TheRealPomax · a month ago
You could just have read the "about" page. Who cares if there's AI involved, this is a dad who made a thing for his own kids, and opened it up for everyone else. So what if they used AI if it does what they hoped it'd do and their kids like it?
TheRealPomax commented on Modern Node.js Patterns   kashw1n.com/blog/nodejs-2... · Posted by u/eustoria
farkin88 · a month ago
The killer upgrade here isn’t ESM. It’s Node baking fetch + AbortController into core. Dropping axios/node-fetch trimmed my Lambda bundle and shaved about 100 ms off cold-start latency. If you’re still npm i axios out of habit, 2025 Node is your cue to drop the training wheels.
TheRealPomax · a month ago
Those... are not mutually exclusive as killer upgrade. No longer having to use a nonsense CJS syntax is absolutely also a huge deal.

Web parity was "always" going to happen, but the refusal to add ESM support, and then when they finally did, the refusal to have a transition plan for making ESM the default, and CJS the fallback, has been absolutely grating for the last many years.

TheRealPomax commented on HTML-in-Canvas   github.com/WICG/html-in-c... · Posted by u/dannyobrien
TheRealPomax · a month ago
I pointed out text deficiencies in Canvas decades ago, only for Hixie to go "so put your text in a div and position the div over the canvas".

I wonder if the working groups are still run by that attitude.

TheRealPomax commented on At 17, Hannah Cairo solved a major math mystery   quantamagazine.org/at-17-... · Posted by u/baruchel
1024core · a month ago
> Only the University of Maryland and Johns Hopkins University were willing to welcome her straight into a doctoral program. She’ll start at Maryland in the fall. When she finishes, it will be her first degree.

Jeez... what a damning indictment of today's Universities.

She could just use her publication as a dissertation and be done with it!

TheRealPomax · a month ago
Conversely: if that's all it takes, there is no point in going to University just to get a piece of paper that says "you did the thing you already did".

University (for folks serious about continuing in academia after) is (obviously) about making sure you have the same base knowledge as everyone else, but also for you to come to terms with how academia actually works, who the bad players are, who the good players are, and who you need to know to get shit to happen for you. So in that sense, most Universities going "no" is literally the most accurate reflection of what life's going to be like on a continuous basis on the inside.

T

u/TheRealPomax

KarmaCake day8092April 26, 2012
About
I'm Pomax. I make things on the web. Typically you'll know me from https://pomax.github.io/bezierinfo or maybe https://pomax.github.io/are-we-flying

Software engineer at the Mozilla Foundation for 10 years, now working on Glitch at Fastly.

View Original